Merge pull request #7581 from planetf1/egeria-release-4.0
planetf1 authored Mar 28, 2023
2 parents 8214787 + 03e0331 commit 8f5c752
Showing 4 changed files with 17 additions and 4 deletions.
Expand Up @@ -4,11 +4,13 @@

import org.odpi.openmetadata.userinterface.uichassis.springboot.service.ComponentService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.Collection;
import java.util.Set;
import java.util.stream.Collectors;

@Service
public class RoleService {

@Autowired
Expand Up @@ -83,7 +83,10 @@ public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurer() {
@Override
public void addCorsMappings( CorsRegistry registry ) {
registry.addMapping("/**").allowedOrigins(allowedOrigins.toArray(new String[]{}));
registry.addMapping("/**")
.allowedOrigins(allowedOrigins.toArray(new String[]{}))
.allowedMethods("GET","POST","PUT","DELETE")
.allowedHeaders("Authorization","Content-type");
}
};
}
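Review bot: The mapping in `addCorsMappings` still covers `/**` and takes its origins from `allowedOrigins`, which is defined outside this hunk, so nothing visible here stops that list from containing `*`. With `Authorization` now an allowed header, a wildcard origin would let script from any site call every endpoint and read the responses, which matters most for deployments that are otherwise reachable only from an internal network. I would reject or at least log a wildcard at startup and record the expectation above the mapping, e.g. `// origins must be listed explicitly; "*" opens every endpoint to cross-origin callers`. Listing methods explicitly also replaces Spring's defaults (GET, HEAD, POST), so cross-origin `HEAD` is no longer permitted; add `"HEAD"` if any client relies on it.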
Expand Up @@ -2,18 +2,24 @@
/* Copyright Contributors to the ODPi Egeria project. */
package org.odpi.openmetadata.userinterface.uichassis.springboot.auth.service;

import org.odpi.openmetadata.userinterface.uichassis.springboot.auth.RoleService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.jwt.*;
import org.springframework.stereotype.Service;

import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;

@Service
public class TokenService {

@Autowired
RoleService roleService;
private final JwtEncoder encoder;

public TokenService(JwtEncoder encoder) {
Expand All @@ -22,14 +28,16 @@ public TokenService(JwtEncoder encoder) {

public String generateToken(Authentication authentication) {
Instant now = Instant.now();
String scope = authentication.getAuthorities().stream()
List<String> authotities = authentication.getAuthorities().stream()
.map(GrantedAuthority::getAuthority)
.collect(Collectors.joining(" "));
.collect(Collectors.toList());
Collection<String> scope = roleService.extractUserAppRoles(authotities);
JwtClaimsSet claims = JwtClaimsSet.builder()
.issuer("self")
.issuedAt(now)
.expiresAt(now.plus(1, ChronoUnit.HOURS))
.subject(authentication.getName())
.claim("visibleComponents", roleService.getVisibleComponents(scope))
.claim("scope", scope)
.build();
return this.encoder.encode(JwtEncoderParameters.from(claims)).getTokenValue();
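Review bot: The `scope` claim in `generateToken` is now a `Collection<String>` instead of the space-delimited string that the removed `Collectors.joining(" ")` produced, so it serialises as a JSON array; any consumer that splits `scope` on spaces needs checking, and a comment on `.claim("scope", scope)` should record that the change is intended. Both `scope` and the new `visibleComponents` value come from `RoleService` methods whose bodies are not on this page; if either can return null, the builder's `claim(...)` is expected to reject it and token generation fails, so a guard or a documented non-null contract is worth adding. `visibleComponents` is fixed for the token's one-hour lifetime and reads as a display hint, so a short Javadoc on `generateToken` should state that endpoints keep authorising on roles server-side rather than on this claim. On style, `roleService` is field-injected with `@Autowired` while `encoder` is a final constructor argument; `private final RoleService roleService;` assigned in the constructor would match, and the local `authotities` is misspelled.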
Expand Up @@ -87,7 +87,7 @@ authentication.mode=token
# Below is the default configuration for the two COCO_PHARMA roles we use for demo:

role.visibleComponents.COCO_PHARMA_USER=about,asset-catalog,asset-details,asset-details-print,asset-lineage,asset-lineage-print,end-to-end,ultimate-source,ultimate-destination,vertical-lineage,glossary,repository-explorer
role.visibleComponents.COCO_PHARMA_ADMIN=about,type-explorer
role.visibleComponents.COCO_PHARMA_ADMIN=*

# omas server connection details
omas.server.name=cocoMDS1
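Review bot: The demo default for `role.visibleComponents.COCO_PHARMA_ADMIN` becomes `*`, and the comment above the two entries does not explain the wildcard. Presumably it means every UI component, including ones added in later releases, which is a wider grant than the previous explicit `about,type-explorer`. A line such as `# '*' = all components (current and future); list names explicitly to restrict a role` would make that visible to anyone copying this file for a real deployment. How `*` is matched lives in `RoleService`, outside this page, so confirm it is honoured only as the whole value and not as part of a component name.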